I. Field of Invention
This invention relates generally to a system and method for verifying delivery and content of an electronic message and, more particularly, to a system and method of later providing proof regarding the delivery and content of an e-mail message. More specifically, the invention relates to a system and method for sending registered mail through the internet while verifying delivery and content of an electronic message and later providing proof regarding the delivery and content of the registered e-mail message.
II. Description of the Related Art
In recent years e-mail has become an indispensable business tool. E-mail has replaced “snail mail” for many business practices because it is faster, cheaper and generally more reliable. But there remain some mail applications where hard copy is still dominant, such as registered and certified mail. For example, when a letter is sent by certified mail the sender is provided with a receipt to prove that the letter was mailed. A returned registered mail receipt adds the Postal Service's confirmation that the letter was successfully delivered to the addressee or the addressee's authorized agent. Additionally, private couriers such as Federal Express® and United Parcel Service® (UPS) provide some type of delivery confirmation. Since every piece of courier mail is, in effect, registered it is natural for consumers to turn to these services when they want proof of delivery.
Many existing e-mail systems and e-mail programs already provide for some form of proof of delivery. For instance, some e-mail systems today allow a sender to mark a message with “request for notifications” tags. Such tags allow a sender to request notification that the message was delivered and/or when the message was opened. When a sender requests delivery notification, the internet e-mail system may provide the sender with an e-mail receipt that the message was delivered to the mail server or electronic in-box of the recipient. The receipt message may include the title of the message, the destination address, and the time of delivery. It may also include (depending on the types of “flags” that are provided and activated in the mailing software) a list of all the internet “stations” that the message passed through en route to its destination. This form of reporting is built into some of the rules and protocols which implement e-mail. Furthermore, when a message is sent with a “read notification” request, the recipient's e-mail program may send to the sender an e-mail notification that the recipient opened that message for reading. Many electronic mail clients can and do support this kind of reporting; however, Internet protocols do not make this mandatory.
However, this does not mean that an e-mail sent with a notification request is as effective in all respects as registered mail. People certify and register letters because they want proof of delivery, e.g., proof that can be used in a civil or criminal proceeding, or proof that will satisfy a supervisor or a client or a government agency that a message has been sent, a job has been done, an order placed, or a contract requirement satisfied.
A registration receipt from the United States Postal Service (USPS) constitutes proof of delivery because the USPS stands behind it. The receipt represents the Post Office's confirmation that the letter or package in question was actually delivered to the addressee or his authorized representative. On the other hand, with the e-mail receipt various hurdles exist to an e-mail receipt being admitted and relied upon as persuasive evidence in a court of law as a proof that the message was delivered. After all, the receipt may be just another e-mail message that could have been altered or created by anyone, at any time.
There exists a need for an e-mail system and/or method that can provide reliable proof of the content and delivery of an e-mail message in order to take fuller advantage of the convenience and low cost of communicating via e-mail.
To meet this need some systems have been established whereby senders may receive third party proof of delivery by enrolling in services whereby:                a) The sender transmits an electronic message to a third party together with a list of the document's intended recipients.        b) The third party sends a notification to each of the message's intended recipients inviting them to visit the third party's web site where the message can be viewed.        c) If the intended recipient visits the third party's web site to view the message, the third party records this visit so that the sender may know that his message has been read by the recipient.        
The drawbacks of such systems are manifold. In the first place, they rely essentially on the co-operation of the recipient of the e-mail to collect his messages from the third party's service. But the circumstances in which a sender may want proof of delivery of a message are often ones in which it cannot be assumed that the intended recipient will co-operate in receiving the message. In such cases, e.g. where acknowledging receipt of the message would place a financial or legal burden on the recipient, the recipient can simply ignore the notification that mail is available for him to receive. Note that there is nothing in such a system to guarantee that the intended recipient has received notification of waiting mail. In the second place, such systems are cumbersome and slow to use as compared to regular e-mail insofar as it can require the sender and/or the recipient to connect to a World Wide Web site to send, collect and verify the delivery of each message. Moreover, transmission of documents by such methods may require both sender and receiver to upload and download files to a web site. Finally, because these methods require the third party to retain a copy of the whole of each message until such time as they are collected or expired, the methods can require its provider to devote substantial computational resources to data storage and data tracking over an extended period of time. As an alternative method of providing proof of delivery, some systems provide proprietary e-mail clients or web-browser plug-ins that will notify senders when a message has been received provided that a recipient uses the same e-mail client. The obvious disadvantage of such systems is that they require both sender and recipient to use the same e-mail client.
Therefore, there exists a need for an e-mail system/method that can provide reliable proof of the content and delivery of electronic messages which does not require the compliance or cooperation of the recipient, which requires no special e-mail software on the part of sender or recipient, which operates with the same or nearly the same convenience and speed of use as conventional e-mail, and which can be operated economically by a service provider.
A general object of the invention disclosed and claimed in co-pending non-provisional application Ser. No. 09/626,577, filed by Terrance A. Tomkow on Jul. 27, 2000 and assigned of record to the assignee of record in this application, is to provide a system and method for reliably verifying via secure and tamper-proof documentation the content and delivery of an electronic message such as an e-mail. Ideally, the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 will give e-mail and other electronic messages a legal status on a par with, if not superior to, that of registered United States mail. However, it is not necessary to the invention that any particular legal status is accorded to messages sent according to the methods taught herein, as the invention provides useful information and verification regardless.
The invention disclosed and claimed in co-pending non-provisional application Ser. No. 09/626,577 includes an electronic message system that creates and records a digital signature of each electronic message sent through the system. An originator may send a copy of the electronic message to the system or generate the electronic message within the system itself. The system then forwards and delivers the electronic message to all recipients (or to the designated message handlers associated with the recipients), including “to” addressees and “cc” addressees. Thereafter, the system returns a receipt of delivery to the originator of the electronic message. The receipt includes, among other things: the original message, the digital signature of the message, and a handshaking and delivery history including times of delivery to the recipients. To later verify and authenticate information contained in the receipt, the originator or user sends a copy of the receipt to the system. The system then verifies that the digital signature matches the original message and the rest of the receipt. If the two match, then the system sends a letter or provides other confirmation of authenticity verifying that the electronic message has not been altered.
The system disclosed and claimed in co-pending non-provisional application Ser. No. 09/626,577 may include a form of e-mail server connected to the Internet, which can be utilized in many ways. For instance, individual users can register their electronic messages, such as e-mails, by sending a “carbon copy” (cc:) to the system or composing the message within the system itself. For corporate or e-commerce users, these users can change their server to a server incorporating the present invention and have all of their external electronic messages registered, with the option of having the system retain and archive the receipts. The system can accept and verify encrypted electronic messages and manage the electronic messages within and/or outside a “fire wall.” For web-based users, i.e., individuals or corporations using web-based e-mails, such as MSN Hotmail® or Yahoo Mail®, such users could check a box or otherwise set a flag within their e-mail programs to select on a case-by-case basis whether to make the e-mails of record and/or to archive the messages using the system disclosed and claimed in co-pending non-provisional application Ser. No. 09/629,577.
The digital signature can be created using known digital signature techniques, such as by performing a hash function on the message to produce a message digest and then encrypting the message digest. Separate digital signatures can be created for the body of the message, any attachments, and for the overall message including the body, the attachments, and the individual message digests. The encrypted message digest provides one type of message authentication or validation code, or secure documentation. Other message authentication and/or validation codes may also be generated and used.
In one aspect, the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 is a method of providing proof regarding the delivery and content of an electronic message, comprising: receiving from a sender across a computer network an electronic message, the message having a delivery address associated therewith; computing a message digest according to the message; encrypting the message digest; sending the message electronically to a destination corresponding to the delivery address; recording the Simple Mail Transport Protocol (SMTP) or Extended SMTP (ESMTP) dialog which effects the delivery of the message; receiving Delivery Status Notification information associated with the message and the delivery address; providing to the sender an electronic receipt, the receipt comprising: a copy of the message, the encrypted message digest, the (E)SMTP transcripts, and at least a subset of the Delivery Status notification information, and, at a future date, receiving electronically the electronic receipt from the sender, verifying that the encrypted message digest corresponds to the message, and verifying that the message was received by an electronic message handler associated with the delivery address.
In another aspect, the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 includes a method of verifying delivery of an electronic message, comprising: in a wide area network computer system, receiving an electronic message from a message sender for routing to a destination address; establishing communication with an electronic message server associated with the destination address, the server defining a destination server; querying the destination server to determine whether the destination server supports Delivery Status Notification (DSN) functionality; receiving a response to the query, the query and response together defining an SMTP dialog; requesting Delivery Status notification information from the destination server according to results of the SMTP dialog; transmitting the electronic message to the destination address; receiving DSN information from the destination server with respect to delivery of the electronic message; and providing to the message sender at least a portion of the SMTP dialog, and at least a portion of the DSN information.
In yet another aspect, the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 includes a method of verifying content of a received electronic message, comprising: receiving the electronic message; generating a digital signature corresponding to the content of the received message; providing the message and the digital signature to a designated addressee; and, at a later time, verifying that the digital signature corresponds to the message.
In accordance with still another aspect of the invention disclosed and claimed in copending application Ser. No. 09/626,577, the method includes establishing whether a message was electronically received by a recipient, comprising: providing a message to be dispatched electronically along with a recipient's address from a sender; creating a signature associated with the message; dispatching the message electronically to the recipient's address; tracking the message to determine a final Delivery Status of the message dispatched to the recipient's address; upon receiving final Delivery Status of the message, generating a receipt, the receipt including a copy of the message, the signature, and the final Delivery Status for the message; and providing the receipt to the sender for later establishing that the message was electronically received by the recipient.
In accordance with yet another aspect of the invention disclosed and claimed in copending application Ser. No. 09/626,577, a method is provided for proving that an electronic message sent to a recipient was read, comprising: providing an electronic message along with a recipient's address; calculating a digital signature corresponding to the electronic message; dispatching the electronic message electronically to the recipient's address; requesting a Mail User Agent (email client “reading”) notification from the recipient; upon receiving the reading notification, generating a reading receipt, the reading receipt including a copy of the message, the digital signature for the corresponding electronic message, and a second digital signature for the reading receipt from the recipient; and providing the reading receipt for later verification that said message was received by the recipient.
In accordance with another aspect of the invention disclosed and claimed in co-pending application Ser. No. 09/626,577, a method is provided for validating the integrity of a purported copy of an electronic message, comprising: receiving the purported electronic message copy, said purported copy including an encrypted message digest associated therewith; decrypting the message digest; generating a second message digest based on content of the purported copy; and validating the purported copy by comparing the decrypted message digest and the second message digest to determine whether the two message digests match.
In accordance with a still further aspect of the invention disclosed and claimed in copending application Ser. No. 09/626,577, a method is provided for validating a received registered e-mail, comprising: receiving an electronic receipt, said receipt including a base message and an encrypted message digest; decrypting the encrypted message digest; generating a second message digest from the base message; and validating the e-mail if the decrypted message digest matches the second message digest.
In yet another aspect, the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 includes a website at which users can go to send and receive secure messages, with the website host acting as an independent third party which will send and receive the messages and provide secure documentation regarding the content and delivery of the messages.
The above-described objects of the invention disclosed and claimed in co-pending application Ser. No. 09/626,577 and other features and benefits of the present invention will become clear to those skilled in the art when read in conjunction with the following detailed description of a preferred illustrative embodiment and viewed in conjunction with the attached drawings in which like numbers refer to like parts, and the appended claims.